Antonin Houska <a...@cybertec.at> wrote: > Robert Haas <robertmh...@gmail.com> wrote: > > > On Tue, Apr 12, 2022 at 5:30 AM Antonin Houska <a...@cybertec.at> wrote: > > > Robert Haas <robertmh...@gmail.com> wrote: > > > > On Mon, Apr 11, 2022 at 4:05 AM Antonin Houska <a...@cybertec.at> wrote: > > > > > There are't really that many kinds of files to encrypt: > > > > > > > > > > https://wiki.postgresql.org/wiki/Transparent_Data_Encryption#List_of_the_files_that_contain_user_data > > > > > > > > > > (And pg_stat/* files should be removed from the list.) > > > > > > > > This kind of gets into some theoretical questions. Like, do we think > > > > that it's an information leak if people can look at how many > > > > transactions are committing and aborting in pg_xact_status? In theory > > > > it could be, but I know it's been argued that that's too much of a > > > > side channel. I'm not sure I believe that, but it's arguable. > > > > > > I was referring to the fact that the statistics are no longer stored in > > > files: > > > > > > https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=5891c7a8ed8f2d3d577e7eea34dacff12d7b6bbd > > > > Oh, yeah, I agree with that. > > I see now that the statistics are yet saved to a file on server shutdown. I've > updated the wiki page. > > Attached is a new version of the patch, to evaluate what the API use in the > backend could look like. I haven't touched places where the file is accessed > in a non-trivial way, e.g. lseek() / fseek() or pg_pwrite() / pg_pread() is > called.
Rebased patch set is attached here, which applies to the current master. (A few more opportunities for the new API implemented here.) -- Antonin Houska Web: https://www.cybertec-postgresql.com
temp_file_api_v3.tgz
Description: application/gzip
